<?php
namespace app\behavior;
use think\Controller;

class CheckApi extends Controller{

  //免验证方法
  private $notCheckFunction = [
    'api.weapp.verify',
  ];

  public function checkApi(){
    $current_function = request()->controller().'.'.request()->action();
    if(!in_array($current_function,$this->notCheckFunction)){
      if(isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']){
        $url = parse_url($_SERVER['HTTP_REFERER']);
        if (!in_array($url['host'],HANDLER_SCOPE)){
          exit(json_encode(['ret'=>0,'msg'=>'拒绝访问！']));
        }
      }else{
        exit(json_encode(['ret'=>0,'msg'=>'IE是个大悲剧！']));
      }
    }
  }


}//END